Basket Generative AI Prohibited Use Policy

This Policy sets out how Basket (Intent Technologies Ltd) allows the use of generative AI features and models within our products and services, and what activities are prohibited. It applies to your use of any Basket experiences that involve AI-generated or AI-assisted content, including on our website, web app, mobile apps, and browser extensions (collectively, the "Service").

This Policy should be read together with our Terms of Service, Privacy Policy, and Cookie Policy. Capitalised terms have the meanings given in those documents.

1. Scope and Principles

• Basket Generative AI is provided to enhance your shopping experience (e.g., approximate visual representation of products, content summarisation, recommendations, insights).
• You are responsible for your prompts, uploads, and any content you generate or distribute using the Service.
• All use must comply with applicable law and our Terms of Service (including Sections 9 and 16), Privacy Policy (including DUAA 2025, UK GDPR, PECR compliance), and Cookie Policy (including teen protections and consent rules).
• We may use automated systems (including AI) to analyse content and behaviour to operate, secure, and improve the Service, consistent with our Privacy Policy.

2. Prohibited Activities

You must not use Basket Generative AI features in the Service to generate, upload, request, distribute, or facilitate content or activity that is illegal, harmful, or violates rights or our policies.

You must not use Basket Generative AI for any of the following, without limitation:

2.1 Dangerous or Illegal Activities

1. Child sexual abuse or exploitation, grooming, or endangerment of minors.
2. Violent extremism or terrorism (promotion, praise, recruitment, or facilitation).
3. Non‑consensual intimate imagery; sexual content created for sexual gratification; pornography.
4. Self‑harm guidance or encouragement.
5. Instructions enabling illegal or regulated activities (e.g., creating explosives, weaponisation, acquiring illegal substances, large‑scale shoplifting schemes, cybercrime).
6. Violations of others’ rights (privacy, intellectual property, publicity, confidentiality). Do not request or generate content that misuses personal data, biometrics, or trade secrets.
7. Stalking, tracking, or monitoring people without legally required consent.
8. Automated decisions with material detrimental impact in high‑risk domains without qualified human review (e.g., employment, healthcare, finance, legal, housing, insurance, social welfare).

2.2 Security and Service Integrity

1. Spam, phishing, malware, or malicious code.
2. Attempts to compromise, disrupt, or overload Basket or third‑party services, or to bypass safety systems, rate limits, or access controls.
3. Generating or assisting credential harvesting, social engineering, or security evasion content.

2.3 Harmful, Hateful, or Harassing Content

1. Hatred or hate speech targeting protected characteristics.
2. Harassment, bullying, intimidation, or threats of violence.
3. Graphic or gratuitous violence.

2.4 Misinformation, Misrepresentation, and Deception

1. Frauds, scams, or deceptive schemes.
2. Impersonating any individual or entity without clear disclosure and lawful basis.
3. Misleading claims of expertise or capability in sensitive areas (health, finance, legal, government services) intended to deceive.
4. Misleading claims related to democratic processes or harmful health practices intended to deceive.
5. Misrepresenting the provenance of generated content (e.g., claiming content was solely human‑created in order to deceive).

2.5 Privacy, Data Protection, and Teen Protections

1. Using AI outputs to build or enrich marketing profiles of users under 18, or to target minors for commercial purposes. For known minor users (as defined in our Privacy and Cookie Policies), marketing tracking is disabled and profiling is restricted.
2. Processing personal data in violation of our Privacy Policy, DUAA 2025, UK GDPR, or PECR. This includes using sensitive or special category data without a lawful basis.
3. Collecting or inferring personal data about individuals from non‑whitelisted sites via our browser extension. The extension only collects browsing data on whitelisted retailer sites and product metadata from pages implementing schema.org/Product, as described in our Privacy Policy.
4. Circumventing consent choices or cookie preferences. Marketing cookies require explicit consent and are disabled by default for known minors.

2.6 Platform‑Specific Abuses

1. Gaming or manipulating the points, cashback, or affiliate systems (e.g., fabricated purchases, coordinated exploitation, automated activity) using AI prompts or generated content.
2. Mass‑generation of deceptive product reviews, counterfeit offers, or retailer communications.
3. Automated scraping or replication of Basket content, features, or interfaces where prohibited by our Terms (including robots.txt and fair usage rules).

3. Age Restrictions

If you are under 18 years old, you must not use Basket Generative AI, including AI‑enabled "try‑on" or similar simulated/augmented imaging features, unless parental consent has been provided through our self‑reporting process (see Terms of Service: Age‑Based Service Limitations and Parental Consent). Where we have actual knowledge that a user is under 18 without parental consent, access to try‑on features is prohibited and will be disabled.

4. Content Quality, Disclosures, and Sensitive Domains

• No professional advice: Do not present AI outputs as financial, investment, tax, legal, or medical advice. Any informational content must include appropriate context and disclaimers (see Terms Sections 13 and 14).
• Transparency: Where practical, clearly disclose when content presented to others is AI‑generated or AI‑assisted, particularly in public baskets, shared links, or creator activities.
• Accuracy and verification: You are responsible for verifying facts, prices, availability, and retailer terms before acting on AI outputs. Our Service may summarise or enrich third‑party data; accuracy is not guaranteed.

5. Model Safety, Rate Limits, and Abuse Prevention

• Do not prompt or manipulate models with the intent to bypass safety filters or generate prohibited content.
• Do not automate or chain prompts to evade limits or create scale harms (spam, scraping, mass deception).
• We may throttle, filter, block, or log AI interactions to protect users and comply with law and our policies.

6. Data Use, Privacy, and Cookies

• Our use of AI is governed by the Privacy Policy. We may process prompts, inputs, and outputs to operate, secure, and improve features, subject to DUAA 2025, UK GDPR, and PECR.
• Session recordings (PostHog) may capture UI interactions with AI features for product improvement; sensitive fields are masked; retention is limited as stated in the Privacy and Cookie Policies. You can opt out of session recording as described there.
• Consent and teens: Marketing cookies require consent and are not used for known minors. Analytics operate under legitimate interests with opt‑out controls per the Cookie Policy.

7. Intellectual Property and Third‑Party Rights

• Respect IP: Do not request or generate content that infringes copyrights, trademarks, patents, trade secrets, or publicity rights.
• Third‑party terms: Content about brands and retailers must respect their rights and terms. We act as a marketplace/intermediary for gift cards; retailer terms apply.

8. Enforcement, Reporting, and Consequences

• Enforcement: Violations may result in content removal, feature restrictions, suspension, or termination under our Terms (see Section 16), and where required, reports to authorities.
• Reporting: Report suspected abuse or violations via in‑app support or hello@trybasket.com. Illegal content involving minors will be reported to relevant authorities.
• Recourse: We may preserve records and cooperate with law enforcement where legally required.

9. Limited Exceptions

We may consider limited exceptions for educational, documentary, scientific, or artistic purposes where substantial public benefit outweighs risks and appropriate safeguards (e.g., redaction, access controls, human review) are in place. Exceptions do not apply to child sexual abuse material or other strictly illegal content.

10. Changes to this Policy

We may update this Policy to reflect legal changes (including DUAA 2025 updates), new features, or safety improvements. Material changes will be notified via email or in‑app notices. Check the version and date above.

11. Contact

Intent Technologies Ltd ("Basket") 20-22 Wenlock Road, London, N1 7GU, United Kingdom

• General: support via in‑app chat or support@trybasket.com
• Privacy/Data: privacy@trybasket.com
• Abuse/Reports: support via in‑app chat or email

If we cannot resolve your concern, you may contact the Information Commissioner’s Office (ICO) at ico.org.uk.

‍